# -*- encoding:utf-8 -*-
import os
import json


def loadCONF(path, sysPath="/opt/sap/conf/sap.ini"):
    """
    arguments:
    @param: sysPath 生产环境配置文件默认位置
    @param: path 开发环境，指定配置文件路径
    @return: dict, 详细配置
    """
    import platform
    import configparser as cp
    from cencrypt.cencrypt import cencrypt

    configPath = sysPath
    if "Windows" == platform.system() or "Darwin" == platform.system():
        configPath = path
    cf = cp.ConfigParser()
    ec = cencrypt()
    with open(configPath) as f:
        f_content = f.read()
    data = unicode(ec.decryptionstr(f_content), "utf-8")
    # data = unicode(f_content, "utf-8")
    cf.read_string(data)
    sets = cf.sections()
    conf = {}
    for key in sets:
        conf[key] = {}
        vals = cf.items(key)
        for val in vals:
            conf[key][val[0]] = val[1]
    return conf


filepath = "./sap.ini"
conf = loadCONF(filepath)


class FlaskConfig(object):
    # 调试
    DEBUG = True
    # Cookie加密需要
    SECRET_KEY = os.urandom(24)
    # 允许上传文件的大小(字节)
    MAX_CONTENT_LENGTH = 2 * 1024 * 1024 * 1024


class DatabaseConfig(object):
    siem = json.loads(conf.get('SAP-API').get('pg_conn'))
    siem_stc = json.loads(conf.get('SAP-API').get('pg_conn_stc'))
    ES_ADDR = conf.get('SAP-API').get('es')


# 系统开始运行时间
systemStart = '2016-12-21'
# limit: 不允许同时登录, keep: 允许同时登录, hoof 踢掉正在登录的用户
authStatus = 'keep'
# 获取用户IP地址信息
ipType = 'X-Real-IP'
# session保存时间
sessionSaveTime = 60 * 20
# 用户默认密码
defaultPassword = 'mh!.init*pwd2018'
# elastic search ip
ES_ADDR = conf.get('SAP-API').get('es')

# elastic user name
ES_USER_NAME = conf.get('SAP-API').get('es_user')

# elastic user password
ES_USER_PASSWD = conf.get('SAP-API').get('es_pw')

# elastic port
ES_PORT = 43101

# elastic search timeout
ES_TIMEOUT = 120

# 嵌套类型的字段名称
NESTED_LIST = ['asset', 'file', 'domain']

# 代码存放路径
installationPath = os.getcwd()

# 字体
DATX = installationPath + '/lib/mydata4vipday2.datx'

# WEB部署所在的服务器IP
WEB_IP = conf.get("SAP-API").get("web_ip")

# WEB登录地址
LOGIN_ADD = conf.get("SAP-API").get("login_address")

# 项目名称
"""
    项目名称对照: {
        "YongZhou": "湖南永州网站监测",
        "JiangXiZhengWuYun": "江西政务云态势感知",
        "mhWEB": "民航网站监测子系统"
    }
"""
PROJECT_NAME = conf.get('SAP-API').get('project_name')

# redis ip地址
REDIS_IP = conf.get('SAPDAAS').get('redis_ip')

REDIS_PWD = conf.get('SAPDAAS').get('redis_pwd')

# redis 端口号
REDIS_PORT = conf.get('SAPDAAS').get('redis_port')

# redis 库编号
REDIS_DB_SEQ = conf.get('SAPDAAS').get('redis_db_seq')

# 计算服务IP
KB_REMOTE_IP = conf.get('SAPDAAS').get('kb_remote_ip')

# 查询服务端口
KB_REMOTE_PORT = conf.get('SAPDAAS').get('kb_remote_port')

# 病毒类型正则匹配
TYPE_STR = 'Trojan|Virus|GrayWare|RiskWare|HackTool|JunkFile|Worm|TestFile'

# 病毒平台正则匹配
PLAT_STR = 'Win32|DOS|MSWord|Android|VBS|BAT|Script|Linux|MSIL|JS|Boot|Win64|Multi|IRC|HTML|Perl|MSExcel|OSX|PHP|Win16|Java|NSIS|Win9x|SWF|SymbOS|Unix|Python|J2ME|WinREG|Boot-DOS|MSOffice|WinLNK|Shell|Mac|IphoneOS|PDF|WinCE|MSAccess|ASP|OLE2|SunOS|HTA|RAR|PIF|MSPPoint|Acad|Ruby|FreeBSD|DOS32|RTF|ZIP|WinHLP|BAS|WMA|WinINF|OS2|EPOC|BlackberryOS|StarOffice|MSVisio|MSProject|EFI64|Palm|ANSI|WBS|SGold|SAP|MySQL|MSH|HWP|TSQL|TI|SIM|Novell|Menuet|Matlab|Lua|IIS|GZip|CSC|BeOS|ASF|AmiPro|ABAP|1C|WordPro|WinPIF|WinPhone|WHS|SWScript|QNX|PSP|PAC|NDS|MSToolbook|MSSQL|MSPublisher|Moo|MEL|MakeFile|Lotus123|KIX|IRIX|Ichitaro|HPJ|HA|Ferite|EFI32|BZip|ARJ|ALS|Solaris|QNXS|WScript|Macro|SQL|PowerShell'

# 病毒行为正则匹配
BEHA_STR = 'AdTool|AdWare|ArcBomb|AVTool|Backdoor|BadJoke|Banker|Clicker|Client-IRC|Client-P2P|Client-SMTP|Constructor|CrackTool|DDoS|Dialer|DoS|Downloader|Dropper|Email|Exploit|FakeAV|Flooder|FraudTool|GameThief|Garbage|HackTool|Hoax|IM|IRC|Joke|Mailfinder|Monitor|MultiPacked|Net|NetTool|Notifier|P2P|Packed|Porn-Dialer|Porn-Downloader|Porn-Tool|Proxy|PSW|PSWTool|Ransom|RemoteAdmin|RiskTool|Rootkit|Server-FTP|Server-Proxy|Server-Telnet|Server-Web|SMS|SpamTool|Spoof|Spy|SuspiciousPacker|Tool|VirTool|WebToolbar|Modifier|AutoRun|Injector|Phishing|Toolbar|KeyLogger|Filecoder|AdDisplay|LockScreen|Spammer|HLLW|Sniffer|Bundler|Rogue'

# 日志导入模板 存放路径
# EVENTS_TEMPLATE = installationPath + "/module/demo/监测日志导入模板.xlsx"

# 日志导入数据实例 存储路径
UPLOAD_EVENTS_SAVE = "/mapping/var_data/sap-api/upload"

# 操作日志导出csv模板 存放路径
OPERATE_DOWNLOAD_CSV = "/mapping/var_data/sap-api/upload/operatelogCsv.csv"

# 操作日志导出excel模板 存放路径
OPERATE_DOWNLOAD_EXCEL = "/mapping/var_data/sap-api/upload/operatelogExcel.xlsx"

# 日志导出数据实例 存储路径
EXPORT_EVENTS_SAVE = "/mapping/var_data/sap-api/export"

# 深度分析分析依据上传文件地址 存储路径
MAN_ANALYSIS_SAVE = "/mapping/var_data/sap-api/upload/analysisFile"

# 监测日志导出 分类格式
EVENT_TYPE_SET = {
    "attack": """["%(ts)s", "%(id)s", "%(stype)s", "%(sys_name)s", "%(unit)s", "%(sip)s","%(dip)s","%(proto)s","%(md5)s","%(malname)s", "%(virus_family)s","%(url)s","%(host)s","%(load_md5)s"]""",
    "vul": """["%(ts)s", "%(id)s", "%(stype)s", "%(sys_name)s", "%(unit)s", "%(vul_name)s", "%(vul_url)s", "%(cve_id)s"]""",
    "visible": """["%(ts)s", "%(id)s", "%(stype)s", "%(sys_name)s", "%(unit)s", "%(status)s"]""",
    "audit": """["%(ts)s", "%(id)s", "%(stype)s", "%(sys_name)s", "%(unit)s", "%(url)s", "%(dev_name)s", "%(op_result)s", "%(op_ts)s"]""",
    "all": """["%(ts)s", "%(id)s", "%(stype)s", "%(sys_name)s", "%(unit)s", "%(sip)s","%(dip)s","%(proto)s","%(md5)s","%(malname)s","%(virus_family)s","%(url)s","%(host)s","%(load_md5)s","%(vul_name)s","%(vul_url)s","%(cve_id)s","%(dev_name)s","%(op_result)s","%(op_ts)s","%(status)s"]"""
}


# 监测日志 stype对照

EVENT_STYPE = {
    "os_vul": "系统漏洞",
    "web_vul": "WEB漏洞",
    "darklink": "暗链",
    "sensitive": "敏感词",
    "threat_phish": "钓鱼",
    "mis": "篡改",
    "threat_trojan": "挂马",
    "weak_pwd": "弱口令",
    "visible_dns": "DNS可用性",
    "visible_http": "HTTP可用性",
    "visible_ping": "PING可用性"
}

# 监测日志 聚合内容对照
EVENTS_AGGS_TYPE = {
    "stype": {"name": u"标签聚合_日志类型", "arr": [u"日志类型", u"数量"]},
    "name": {"name": u"标签聚合_系统名称", "arr": [u"系统名称", u"数量"]},
    "belong_area": {"name": u"标签聚合_所属区域", "arr": [u"所属区域", u"数量"]},
    "unit": {"name": u"标签聚合_所属机构", "arr": [u"所属机构", u"数量"]}
}

# 任务类型对照
TASK_TYPE = {
    "normal": "日常监测",
    "special": "重保监测",
    "verify": "验证性任务"
}

# 同步接口 日志路径
LOG_PATH = installationPath + "/log"

# kafka client配置
KAFKA_CLIENT = conf.get('SAPDAAS').get('kafka_conf')

# kafka topic配置
KAFKA_TOPIC = "sync_error"

# 单点登录 请求用户编号链接
SSO_API = conf.get("SAP-API").get("sso_api_path") + conf.get("SAP-API").get("sso_app_id") + "?code="
SSO_URL = conf.get("SAP-API").get("sso_target") + SSO_API

# 合作方连接校验-http头中的约定
ATAMS_USER_ID = "ANTIY"
ATAMS_PASSWORD = "03EFE6ED508E610608C1375C0D35E658"
ATAMS_SIGN_SALT = "E0630FFE550F06B8571F0523ADF910F0"  # 数字签名用户侧用到的盐

#合作方安管子平台后端地址
SAFETY_MANAGEMENT_IP = conf.get("SAP-API").get("safety_management_ip")

if __name__ == '__main__':
    print ATAMS_USER_ID
